CVE-2025-40327
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
perf/core: Fix system hang caused by cpu-clock usage
cpu-clock usage by the async-profiler tool can trigger a system hang, which got bisected back to the following commit by Octavia Togami:
18dbcbfabfff ("perf: Fix the POLL_HUP delivery breakage") causes this issue
The root cause of the hang is that cpu-clock is a special type of SW event which relies on hrtimers. The __perf_event_overflow() callback is invoked from the hrtimer handler for cpu-clock events, and __perf_event_overflow() tries to call cpu_clock_event_stop() to stop the event, which calls htimer_cancel() to cancel the hrtimer.
But that's a recursion into the hrtimer code from a hrtimer handler, which (unsurprisingly) deadlocks.
To fix this bug, use hrtimer_try_to_cancel() instead, and set the PERF_HES_STOPPED flag, which causes perf_swevent_hrtimer() to stop the event once it sees the PERF_HES_STOPPED flag.
[ mingo: Fixed the comments and improved the changelog. ]
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 18dbcbfabfffc4a5d3ea10290c5ad27f22b0d240 < 6b8c512811644cf2f5eaf6f44e928683c54127f0 | affected |
| Linux | Linux | 18dbcbfabfffc4a5d3ea10290c5ad27f22b0d240 < eb3182ef0405ff2f6668fd3e5ff9883f60ce8801 | affected |
| Linux | Linux | b2de0c9ce8e542b5cb4cd3944620d9dd1ea1f0ac | affected |
| Linux | Linux | 6.16.8 < 6.17 | affected |
| Linux | Linux | 6.17 | affected |
| Linux | Linux | 0 < 6.17 | unaffected |
| Linux | Linux | 6.17.8 <= 6.17.* | unaffected |
| Linux | Linux | 6.18 <= * | unaffected |
Weaknesses
References
- https://git.kernel.org/stable/c/6b8c512811644cf2f5eaf6f44e928683c54127f0
- https://git.kernel.org/stable/c/eb3182ef0405ff2f6668fd3e5ff9883f60ce8801
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.